Help Center/ Document Database Service/ API Reference/ Permissions Policies and Supported Actions/ DDS Actions

Updated on 2023-01-18 GMT+08:00

View PDF

DDS Actions

**Table 1** DB instance management actions
Permissions	APIs	Action	IAM Project	Enterprise Project
Creating a DB instance	POST /v3/{project_id}/instances	dds:instance:create vpc:vpcs:list vpc:vpcs:get vpc:subnets:get vpc:securityGroups:get vpc:ports:get	√	√
Querying DB instances	GET /v3/{project_id}/instances?id={id}&name={name}&mode={mode}&datastore_type={datastore_type}&vpc_id={vpc_id}&subnet_id={subnet_id}&offset={offset}&limit={limit}	dds:instance:list	√	√
Deleting a DB instance	DELETE /v3/{project_id}/instances/{instance_id}	dds:instance:deleteInstance	√	√
Restarting a DB instance	POST /v3/{project_id}/instances/{instance_id}/restart	dds:instance:reboot	√	√
Scaling up storage space	POST /v3/{project_id}/instances/{instance_id}/enlarge-volume	dds:instance:extendVolume	√	√
Adding nodes for a cluster instance	POST /v3/{project_id}/instances/{instance_id}/enlarge	dds:instance:extendNode vpc:vpcs:list vpc:vpcs:get vpc:subnets:get vpc:securityGroups:get vpc:ports:get	√	√
Modifying DB instance specifications	POST /v3/{project_id}/instances/{instance_id}/resize	dds:instance:modifySpec	√	√
Performing a primary/secondary switchover in a replica set instance.	POST /v3/{project_id}/instances/{instance_id}/switchover	dds:instance:switchover	√	√
Enabling or disabling SSL	POST/v3/{project_id}/instances/{instance_id}/switch-ssl	dds:instance:modifySSL	√	√
Changing a DB instance name	PUT /v3/{project_id}/instances/{instance_id}/modify-name	dds:instance:modify	√	√
Changing a database port	POST /v3/{project_id}/instances/{instance_id}/modify-port	dds:instance:modifyPort	√	√
Changing a security group	POST /v3/{project_id}/instances/{instance_id}/modify-security-group	dds:instance:modifySecurityGroup	√	√
Binding an EIP	POST /v3/{project_id}/nodes/{node_id}/bind-eip	dds:instance:bindPublicIp	√	√
Unbinding an EIP	POST /v3/{project_id}/nodes/{node_id}/unbind-eip	dds:instance:unbindPublicIp	√	√
Changing the private IP address of a DB instance.	POST /v3/{project_id}/instances/{instance_id}/modify-internal-ip	dds:instance:modifyVIP	√	√
Enabling shard or config IP addresses	POST /v3/{project_id}/instances/{instance_id}/create-ip	dds:instance:createIp	√	√
Querying AZs to which an instance can be migrated	GET /v3/{project_id}/instances/{instance_id}/migrate/az	dds:instance:migrate	√	√
Migrating a DB instance to another AZ	POST /v3/{project_id}/instances/{instance_id}/migrate	dds:instance:migrate	√	√

**Table 2** Connection Management
Permissions	API	Action	IAM Project	Enterprise Project
Querying sessions of an instance node	GET /v3/{project_id}/nodes/{node_id}/sessions	dds:instance:session	√	√
Killing a session of an instance node	POST /v3/{project_id}/nodes/{node_id}/session	dds:instance:session	√	√
Querying the number of connections to an instance node	GET /v3/{projectId}/instances/{instance_id}/conn-statistics	dds:instance:list	√	√

**Table 3** Backup and restoration
Permissions	APIs	Action	IAM Project	Enterprise Project
Creating a manual backup	POST /v3/{project_id}/backups	dds:instance:createManualBackup	√	√
Deleting a manual backup	DELETE /v3/{project_id}/backups/{backups_id}	dds:backup:delete	√	√
Querying the backup list	GET /v3/{project_id}/backups?instance_id={instance_id}&backup_id={backup_id}&backup_type={backup_type}&offset={offset}&limit={limit}&begin_time={begin_time}&end_time={end_time}&mode={mode}	dds:backup:list	√	√
Querying an automated backup policy	GET /v3/{project_id}/instances/{instance_id}/backups/policy	dds:instance:list	√	√
Setting an automated backup policy	PUT /v3/{project_id}/instances/{instance_id}/backups/policy	dds:instance:modifyBackupPolicy	√	√
Restoring data to a new DB instance	POST /v3/{project_id}/instances	dds:instance:create vpc:vpcs:list vpc:vpcs:get vpc:subnets:get vpc:securityGroups:get vpc:ports:get	√	√
Obtaining the link for downloading a backup file	GET /v3/{projectId}/backups/download-file	dds:backup:download	√	√
Querying restoration time ranges	GET /v3/{project_id}/instances/{instance_id}/restore-time	dds:instance:list	√	√
Obtaining the list of databases that can be restored	GET /v3/{project_id}/instances/{instance_id}/restore-database	dds:instance:list	√	√
Obtaining the list of databases collections that can be restored	GET /v3/{project_id}/instances/{instance_id}/restore-collection	dds:instance:list	√	√
Restoring data to the original DB instance	POST /v3/{project_id}/instances/recovery	dds:backup:refreshInstanceFromBackup	√	√
Restoring databases and tables to a point in time	POST /v3/{project_id}/instances/{instance_id}/restore/collections	dds:backup:refreshInstanceFromBackup	√	√

**Table 4** Configuring parameters
Permissions	APIs	Action	IAM Project	Enterprise Project
Obtaining parameter templates	GET /v3/{project_id}/configurations	dds:param:list	√	√
Creating a parameter template	PUT /v3/{project_id}/configurations	dds:param:create	√	√
Deleting a parameter template	DELETE /v3/{project_id}/configurations/{config_id}	dds:param:delete	√	√
Obtaining details about a parameter template	GET /v3/{projectId}/configurations/{configId}	dds:param:list	√	√
Modifying a parameter template	PUT /v3/{project_id}/configurations/{config_id}	dds:param:modify	√	√
Applying a parameter template	PUT /v3/{project_id}/configurations/{config_id}/apply	dds:instance:modifyParameter	√	√
Obtaining information about parameters of a specified DB instance.	GET /v3/{project_id}/instances/{instance_id}/configurations	dds:param:list	√	√
Modifying parameters of a specified db instance	PUT /v3/{project_id}/instances/{instance_id}/configurations	dds:instance:modifyParameter	√	√

**Table 5** Obtaining log information
Permissions	APIs	Action	IAM Project	Enterprise Project
Querying database slow logs	GET /v3/{project_id}/instances/{instance_id}/slowlog	dds:instance:list	√	√
Obtaining the link for downloading slow query logs	POST /v3/{project_id}/instances/{instance_id}/slowlog-download	dds:instance:list	√	√
Querying database error logs	GET /v3/{project_id}/instances/{instance_id}/errorlog	dds:instance:list	√	√
Obtaining the link for downloading error logs.	POST /v3/{project_id}/instances/{instance_id}/errorlog-download	dds:instance:list	√	√
Setting a policy for audit logs	POST /v3/{project_id}/instances/{instance_id}/auditlog-policy	dds:instance:modifyAuditLogSwitch	√	√
Querying the audit log policy	GET /v3/{project_id}/instances/{instance_id}/auditlog-policy	dds:instance:list	√	√
Querying the audit log list	GET /v3/{project_id}/instances/{instance_id}/auditlog	dds:instance:list	√	√
Obtaining the link for downloading audit logs.	POST /v3/{project_id}/instances/{instance_id}/auditlog-links	dds:instance:downloadAuditLog	√	√

**Table 6** Tag management
Permissions	APIs	Action	IAM Project	Enterprise Project
Adding or deleting resource tags in batches	POST /v3/{project_id}/instances/{instance_id}/tags/action	dds:instance:modify	√	√
Querying resource tags	GET /v3/{project_id}/instances/{instance_id}/tags	dds:instance:list	√	√

**Table 7** Database and account management
Permissions	APIs	Action	IAM Project	Enterprise Project
Creating a database user	POST /v3/{project_id}/instances/{instance_id}/db-user	dds:instance:createDatabaseUser	√	√
Creating a database role	POST /v3/{project_id}/instances/{instance_id}/db-role	dds:instance:createDatabaseRole	√	√
Deleting a database user	DELETE /v3/{project_id}/instances/{instance_id}/db-user	dds:instance:deleteDatabaseUser	√	√
Deleting a database role	DELETE /v3/{project_id}/instances/{instance_id}/db-role	dds:instance:deleteDatabaseRole	√	√
Changing the password of a database user	PUT /v3/{project_id}/instances/{instance_id}/reset-password	dds:instance:resetPasswd	√	√
Querying details about database users	GET /v3/{project_id}/instances/{instance_id}/db-user/detail? offset ={offset}&limit={limit}&user_name={user_name }&db_name={db_name}	dds:instance:get	√	√
Querying the database role list	GET /v3/{project_id}/instances/{instance_id}/db-roles?role_name={role_name}&db_name={db_name}&offset={offset}&limit={limit}	dds:instance:get	√	√
Querying and setting the cluster balancer	GET /v3/{project_id}/instances/{instance_id}/balancer PUT /v3/{project_id}/instances/{instance_id}/balancer/{action} PUT /v3/{project_id}/instances/{instance_id}/balancer/active-window	dds:instance:balancer	√	√

The check mark (√) indicates that an action takes effect. The cross mark (x) indicates that an action does not take effect.

Parent topic: Permissions Policies and Supported Actions

Previous topic: Introduction

Next topic: Appendix

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.